RE: Tor MiTM Relay 12-30-2021, 04:40 PM
#8
If anybody is interested, there are a few white papers on Tor de-anonymization as well. You should check out The Software Engineering Institute ("SEI") of Carnegie Mellon University (CMU). https://motherboard.vice.com/read/tor-at...-two-weeks & Operation Onymous https://motherboard.vice.com/read/the-fb...fake-sites ... Just to start you out.
You can further research techniques on both de-anonymization using FOXACID, previously explained by Bruce Schneier. It's a large scale MITM (man-in-the-middle attack).
Then you can also look at technical writeups on browser-based attacks https://www.cs.utexas.edu/~ecprice/papers/tor.pdf and https://github.com/Attacks-on-Tor/Attacks-on-Tor
"The most commonly assumed threat is based on a passive adversary that can observe part of the Tor network and is able to compromise and operate his own onion routers. Such an attacker simply observes inputs and outputs of the network and correlates their patterns, so called traffic analysis. The attacker tries to measure similarities in the traffic that the client sends and the traffic that the server receives. Traffic analysis is commonly used in attacks on hidden services that try to de-anonymize users. Tor does not protect against a global passive adversary. Its focus is to prevent attacks where an attacker tries to determine in which points in the network a traffic pattern based attack should be executed. By making it difficult for an attacker to determine where to attack, a precision attack is difficult."
Also definitely check out this paper by the University of Colorado at Boulder https://mega.nz/file/WMVkHZxA#q1ufjGtpab...d-L1FUNVf4
That's already days worth of research on the topic of attacking for in that paper alone. The GitHub link is extensive and you an go as far down the rabbit hole as you wish.
You can further research techniques on both de-anonymization using FOXACID, previously explained by Bruce Schneier. It's a large scale MITM (man-in-the-middle attack).
Then you can also look at technical writeups on browser-based attacks https://www.cs.utexas.edu/~ecprice/papers/tor.pdf and https://github.com/Attacks-on-Tor/Attacks-on-Tor
"The most commonly assumed threat is based on a passive adversary that can observe part of the Tor network and is able to compromise and operate his own onion routers. Such an attacker simply observes inputs and outputs of the network and correlates their patterns, so called traffic analysis. The attacker tries to measure similarities in the traffic that the client sends and the traffic that the server receives. Traffic analysis is commonly used in attacks on hidden services that try to de-anonymize users. Tor does not protect against a global passive adversary. Its focus is to prevent attacks where an attacker tries to determine in which points in the network a traffic pattern based attack should be executed. By making it difficult for an attacker to determine where to attack, a precision attack is difficult."
Also definitely check out this paper by the University of Colorado at Boulder https://mega.nz/file/WMVkHZxA#q1ufjGtpab...d-L1FUNVf4
That's already days worth of research on the topic of attacking for in that paper alone. The GitHub link is extensive and you an go as far down the rabbit hole as you wish.
(This post was last modified: 12-30-2021, 05:06 PM by ConcernedCitizen.
Edit Reason: lol phone
)
ed25519/0x21AB6B6A6CB2C337
C87D87466FD205945CF10A3821AB6B6A6CB2C337
C87D87466FD205945CF10A3821AB6B6A6CB2C337
![[+]](https://sinister.ly/images/modern/collapse_collapsed.png)